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CLAIMS : 

1. An access control system for controlling access to 
data stored on at least one data storage medium of a 

5 computing system, the access control system comprising: 

authentication means to authenticate users permitted 
to access data stored in the at least one data storage 
medium; and 

database means arranged to store data access 
10 profiles; 

each data access profile being associated with a 
user permitted to access data stored in the at least one 
data storage medium; 

each data access profile including information 
15 indicative of the degree of access permitted by a user to 
data stored in the at least one data storage medium; and 

each data access profile including a master data 
access profile and a current data access profile, the 
current data access profile being modifiable within 
20 parameters defined by the master data access profile. 

2. An access control system as claimed in claim 1, 
further comprising profile setting means arranged to 
facilitate creation of the master and current access 

25 profiles. 

3. An access control system as claimed in claim 2, 
wherein the access control system is incorporated into a 
computing system having an operating system and the master 

30 data access profile is modifiable only prior to loading of 
the operating system. 

4. An access control system as claimed in any one of 
claims 1 to 3, wherein said control system is activatable 

35 so as to permit modification of the current access profile 
and deactivatable so as to prevent modification of the 
current access profile. 
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5. An access control system as claimed in any one of 
the preceding claims, wherein the access control system is 
implemented at least in part in the form of software. 

5 

6. An access control system as claimed in any one of 
the preceding claims, wherein the access control system is 
implemented at least in part in the form of hardware. 

10 7. An access control system as claimed in any one of 
the preceding claims, wherein the access control system is 
arranged to govern user access profiles used by a security 
device configured to control access to a data storage 
medium. 

15 

8. An access control system as claimed in claim 7, 
wherein the security device is implemented at least in 
part in hardware and is of a type located between a data 
storage medium of a computing system and a CPU of the 

20 computing system. 

9. An access control system as claimed in claim 7, 
wherein the security device is implemented at least in 
part in hardware and is of a type incorporated into bus 

25 bridge circuitry of a computing system. 

10. An access control system as claimed in any one of 
the preceding claims, wherein the access control system is 
incorporated into a computing system having an operating 

30 system and the current access profile is modifiable after 
loading of the operating system. 

11. A method of controlling access to data stored on at 
least one data storage medium of a computing system, the 

35 method comprising the steps of: 
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providing means for authenticating users permitted 
to access data stored in the at least one data storage 
medium; and 

storing data access profiles; 
5 associating each data access profile with a user 

permitted to access data stored in the at least one data 
storage medium; 

each data access profile including information 
indicative of the degree of access permitted by a user to 
10 data stored in the at least one data storage medium; and 

each data access profile including a master data 
access profile and a current data access profile; and 

facilitating modification of the current data access 
profile being within parameters defined by the master data 
15 access profile. 

12. A method as claimed in claim 11, further comprising 
the step of facilitating creation of the master and 
current access profiles, 

20 

13. A method as claimed in claim 12, wherein the access 
control system is incorporated into a computing system 
having an operating system, and the step of facilitating 
modification of the current data access profile includes 

25 the step of facilitating modification of the master data 
access profile only prior to loading of the operating 
system. 

14. A method as claimed in any one of claims 11 to 13, 
30 further including the steps of facilitating activation of 

said control system so as to permit modification of the 
current access profile and facilitating deactivation of 
said control system so as to prevent modification of the 
current access profile. 

35 
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15. A method as claimed in any one of claims 11 to 14, 
wherein the access control system is implemented at least 
in part in the form of software. 



5 16. A method as claimed in any one of claims 11 to 15, 
wherein the access control system is implemented at least 
in part in the form of hardware. 



17. A method as claimed in any one of claims 11 to 16, 
10 further comprising the step of arranging the access 
control system so as to govern user access profiles used 
by a security device configured to control access to a 
data storage medium. 



15 18. A method as claimed in claim 17, wherein the 
security device is implemented at least in part in 
hardware and is of a type located between a data storage 
medium of a computing system and a CPU of the computing 
system. 

20 

19. A method as claimed in claim 11, wherein the 
security device is implemented at least in part in 
hardware and is of a type incorporated into bus bridge 
circuitry of a computing system. 

25 

20. A method as claimed in any one of claims 11 to 19, 
further comprising the steps of incorporating the access 
control system into a computing system having an operating 
system and facilitating modification of the current access 

30 profile after loading of the operating system. 



21. A computer program which when loaded into a 
computing system causes the computing system to operate in 
accordance with an access control system for controlling 
35 access to data stored on at least one data storage medium 
of a computing system, the access control system 
comprising: 
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authentication means to authenticate users permitted 
to access data stored in the at least one data storage 
medium; and 

database means arranged to store data access 
5 profiles; 

each data access profile being associated with a 
user permitted to access data stored in the at least one 
data storage medium; 

each data access profile including information 
10 indicative of the degree of access permitted by a user to 
data stored in the at least one data storage medium; and 

each data access profile including a master data 
access profile and a current data access profile, the 
current data access profile being modifiable within 
15 parameters defined by the master data access profile. 

22. A computer useable medium having a computer readable 

program code embodied therein for causing a computer to 

operate in accordance with an access control system for 
20 controlling access to data stored on at least one data 

storage medium of a computing system, the access control 

system comprising : 

authentication means to authenticate users permitted 

to access data stored in the at least one data storage 
25 medium; and 

database means arranged to store data access 

profiles; 

each data access profile being associated with a 
user permitted to access data stored in the at least one 
30 data storage medium; 

each data access profile including information 
indicative of the degree of access permitted by a user to 
data stored in the at least one data storage medium; and 

each data access profile including a master data 
35 access profile and a current data access profile, the 
current data access profile being modifiable within 
parameters defined by the master data access profile. 



